package com.xm.eboot.common.config.cros;

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
 * @ClassName: CorsConfig
 * @Description: 通用跨域配置类
 * @author mengxc
 * @date 2021年7月1日 下午3:09:19
 */
@Configuration
public class CorsConfig {

	@Bean
	public FilterRegistrationBean<CorsFilter> corsFilter() {
		// 1.添加CORS配置信息
		CorsConfiguration config = new CorsConfiguration();
		// 1) 允许的域,不要写*，否则cookie就无法使用了
		// config.addAllowedOrigin("http://manage.leyou.com");
		// config.addAllowedOrigin("http://www.leyou.com");
		config.addAllowedOrigin("*");
		// 2) 是否发送Cookie信息
		config.setAllowCredentials(true);
		// 3) 允许的请求方式
		config.addAllowedMethod("OPTIONS");
		config.addAllowedMethod("HEAD");
		config.addAllowedMethod("GET");
		config.addAllowedMethod("PUT");
		config.addAllowedMethod("POST");
		config.addAllowedMethod("DELETE");
		config.addAllowedMethod("PATCH");
		config.setMaxAge(3600L);
		// 4）允许的头信息
		config.addAllowedHeader("*");

		// 2.添加映射路径，我们拦截一切请求
		UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
		configSource.registerCorsConfiguration("/**", config);

		// 3.返回新的CorsFilter.
		// return new CorsFilter(configSource);

		FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<CorsFilter>(new CorsFilter(configSource));
		bean.setOrder(0);
		return bean;
	}

}
